Android Malware Can Steal Google Authenticator 2FA Codes

Last month, a cybersecurity firm discovered that this malware can now steal 2FA codes from Google Authenticator app and doing a simple technique by screenshotting the Authenticator app's interface.

Android banking trojan namely "Cerberus" malware has the capability to steal One-Time Password (OTP) generated through Google Authenticator app that's used as 2FA for many online accounts.

•    Possible loss of sensitive information especially your bank account credentials

•    Use and install anti-virus software.
•    Adding "FLAG_SECURE" option inside the app's configuration as Flag prevents other apps to take screenshot of the codes
•    Make sure to update all software applications
•    Apply appropriate patches and updates immediately.
•    Good cyber hygiene and safe practices.